PACKET SNIFFER IMPLEMENTATION
By
Badrik Modi (011496654)
Goutham Sunkara (011463270)
Harika Reddy Patlolla (011050052)
Sreekar Adapa (011468938)

CONTENT:
- What is packet sniffing?
- How does it work?
- Implementation using Python
- Result
- Uses of packet sniffer
- Conclusion
- References

What is Packet Sniffing?
- Packet sniffing, also called packet analysis, is the process of
  capturing the data that passes over the local network and
  looking for any information that may be useful.
- Packet sniffing is a passive technique: no one is actually
  attacking your computer or going through its files. Most of the
  time, system administrators use a packet sniffer to troubleshoot
  network problems.

How does it work?
- Typically, when people think of network traffic, they think
  that it goes directly from their computer to the router or
  switch, up to the gateway and then out to the internet, where it
  is routed similarly until it reaches the specified destination.
- This is mostly true except for one fundamental detail: your
  computer isn't sending data anywhere.

How does it work? (Cont.)
- Instead, it broadcasts the data in packets that carry the
  destination in the header.
- Every node on the network receives the packet, determines
  whether it is the intended recipient, and then either accepts
  the packet or ignores it.

Sniffing Methods:
- Sniffing works in both switched and non-switched networks.
- Sniffing methods:
    - IP based sniffing.
    - MAC based sniffing.
    - ARP based sniffing.

Implementation Using Python
Sniffer program
- Wireshark is the commonly used packet sniffer/protocol analyzer.
- Packet sniffers can be written in Python too; for this project
  we have written a sniffer program in Python on the Linux platform.
- Why Linux? Although Python is portable, the program won't run
  and give similar results on Windows.

Implementation Using Python (Cont.)
- This is due to differences in the implementation of the socket
  API.
- Our packet sniffer program doesn't use any extra libraries like
  libpcap. Instead, it just uses raw sockets.

Steps of Implementation
- Create a raw socket.
- Receive a packet and get the packet string from the tuple.
- Parse the TCP/IP header from the received packet with the help
  of the unpack method.
- Now parse the TCP/IP packet to retrieve the TCP/IP header.

Steps of Implementation (Cont.)
- Now check which internal protocol is used.
    - If IP, parse the IP packet to retrieve the IP header, then
      print version, IP header length, TTL, protocol, source
      address and destination address.
    - If TCP, parse the TCP packet to retrieve the TCP header, then
      print source port, destination port, sequence number,
      acknowledgement and TCP header length.

Steps of Implementation (Cont.)
- Creating a raw socket.
    import socket
    s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
  . socket.AF_INET → Internet Protocol (IPv4)
  . socket.AF_INET6 → Internet Protocol (IPv6)
  . socket.SOCK_RAW → connection based stream (TCP)
  . socket.SOCK_DGRAM → datagram (UDP)
  . socket.IPPROTO_TCP → for TCP
  . socket.IPPROTO_IP → for IP
  . socket.IPPROTO_UDP → for UDP

Steps of Implementation (Cont.)
- Receive a packet and get the packet string from the tuple.
    packet = s.recvfrom(65565)    # receive a packet; 65565 is the buffer size
    packet = packet[0]            # the packet is the first element of the returned tuple
    ip_ipheader = packet[0:20]    # first 20 bytes of the packet
- Unpacking the TCP/IP header from received packets.
    from struct import unpack
    # '!' selects network byte order; B and H are unsigned 8- and 16-bit fields
    ipheader = unpack('!BBHHHBBH4s4s', ip_ipheader)
  struct.unpack(fmt, string): unpack the string according to the
  given format. The result is a tuple even if it contains exactly
  one item.

Steps of Implementation (Cont.)
Now parse the TCP/IP packet to retrieve the TCP/IP header.
- IP header
    ttl = ipheader[5]
    protocol = ipheader[6]
    s_addr = socket.inet_ntoa(ipheader[8])
    d_addr = socket.inet_ntoa(ipheader[9])
- TCP header
    # tcpheader is the tuple unpacked from the TCP header bytes
    source_port = tcpheader[0]
    dest_port = tcpheader[1]
    sequence = tcpheader[2]
    acknowledgement = tcpheader[3]
    doff_reserved = tcpheader[4]
    tcpheader_length = doff_reserved >> 4    # upper 4 bits, in 32-bit words
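
The steps above combined into one parser, as an added example (not the presenters' program): it keeps their raw-socket and struct.unpack approach, but uses the IP header length field to find the TCP header, so packets carrying IP options still parse, and it rejects truncated input. The function names and the sample packet built from the documentation addresses 192.0.2.x are assumptions made for illustration.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"   # fixed 20-byte IPv4 header, network byte order
TCP_FMT = "!HHLLBBHHH"     # fixed 20-byte TCP header


def parse_ipv4(packet):
    """Return (header_dict, rest_of_packet); raise ValueError if malformed."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    f = struct.unpack(IP_FMT, packet[:20])
    version, ihl = f[0] >> 4, (f[0] & 0x0F) * 4   # IHL counts 32-bit words
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    hdr = {"version": version, "ihl": ihl, "ttl": f[5], "protocol": f[6],
           "src": socket.inet_ntoa(f[8]), "dst": socket.inet_ntoa(f[9])}
    return hdr, packet[ihl:]       # skip IP options instead of assuming 20


def parse_tcp(segment):
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    f = struct.unpack(TCP_FMT, segment[:20])
    length = (f[4] >> 4) * 4       # data offset: upper 4 bits, in words
    if length < 20 or len(segment) < length:
        raise ValueError("bad TCP data offset")
    return {"src_port": f[0], "dst_port": f[1], "seq": f[2], "ack": f[3],
            "header_len": length, "payload": segment[length:]}


def dissect(packet):
    ip, rest = parse_ipv4(packet)
    tcp = parse_tcp(rest) if ip["protocol"] == socket.IPPROTO_TCP else None
    return ip, tcp


def build_sample(options=b""):
    """Constructed packet, not captured traffic; options must be 4-byte aligned."""
    words = 5 + len(options) // 4
    tcp = struct.pack(TCP_FMT, 49152, 80, 1000, 2000, 5 << 4, 0x18, 8192, 0, 0)
    body = tcp + b"hello"
    ip = struct.pack(IP_FMT, (4 << 4) | words, 0, words * 4 + len(body),
                     1, 0, 64, socket.IPPROTO_TCP, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.20"))
    return ip + options + body


def sniff(count=5):
    """Live capture as on the slides; Linux only, needs root (CAP_NET_RAW)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_TCP)
    for _ in range(count):
        packet, _addr = s.recvfrom(65565)
        print(dissect(packet))


if __name__ == "__main__":
    for opts in (b"", b"\x01" * 4):    # second packet has IHL = 24 bytes
        print(dissect(build_sample(opts)))
```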
RESULT

Uses of Packet Sniffer:
- A packet sniffer is used by network administrators for network
  troubleshooting.
- It is used for analyzing network traffic:
    - Why is the network slow?
    - What is the network traffic pattern?
    - How is the traffic shared between the nodes?

Uses of Packet Sniffer (Cont.):
- Capturing clear-text usernames and passwords.
- Capturing and replaying VoIP telephone conversations.
- Converting network traffic into human-readable form.

Conclusion
- A packet sniffer might be installed at any point along the
  network. It could also be sneakily installed on a server that
  acts as a gateway. A packet sniffer is not just a hacker's tool.
  It can be used for network troubleshooting and other useful
  purposes.
- However, in the wrong hands, a packet sniffer can capture
  sensitive personal information that can lead to invasion of
  privacy.

References
- https://docs.python.org/2/library/socket.html
- www.dabeaz.com/python/pythonnetbinder.pdf
- https://www.tutorialspoint.com/python3/index.htm
- https://acadndtechy.files.wordpress.com/2015/01/computer-networks-a-systems-approach-larry-l-peterson-morgan-kaufmann.pdf